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AMENDMENTS TO THE SPECIFICATION: 

Please replace the paragraph beginning on line 8, page 4 with the following amended 
paragraph: 

Creating and storing the privilege token may involve receiving a user name associated 
with the subscriber and mapping the user name to a distinguished name in the directory 
repository; creating and storing in the privilege token T one or more roles occupied by the 
subscriber based on role information that is stored in the directory repository. 

Please replace the paragraph beginning on line 12, page 4 with the following 
amended paragraph: 

A host object in the directory may uniquely identify the subscriber for th e subscrib e r, 
and the host object may contain the privilege token corresponding to the subscriber. 

Please replace the paragraph beginning on line 1, page 5 with the following amended 
paragraph: 

In other aspects, the invention encompasses a computer apparatus ? and a computer 
readable medium, and a carrier wave configured to carry out the foregoing steps. 

Please replace the paragraph beginning on line 21, page 1 1 with the following 
amended paragraph : 

The authentication server 44 6106 is used primarily for user authentication. When 
authentication server 44 6106 is a RADIUS server, selected RADIUS attributes may be 
defined in the AAA database and may be used by the service selection gateway. Service and 
user data is in directory server 1 18. In an embodiment, a schema is defined for storing the 
user and service data in an LDAP directory. An example schema is set forth herein in 
APPENDIX 1. 

Please replace the paragraph beginning on line 1, page 13 with the following 
amended paragraph: 
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In one embodiment, the service selection gateway ("SSG") and service selection 
dashboard ("SSD") interact using RADIUS protocol commands. A set of commands is 
defined for the interaction between the SSG and SSD. In one specific embodiment, the 
commands include ACCOUNT LOG ON, ACCOUNT LOG OFF, SERVICE LOG ON, 
SERVICE LOG OFF, DEFAULT DNS SERVICE, SERVICE MESSAGE, ACCOUNT 
STATUS QUERY, SERVICE ACCESS ORDER, a command to set a Privilege token in the 
service selection gateway by associating it with a Host object, and a command to retrieve a 
Privilege token that is stored in a specified Host object. 

Please replace the paragraph beginning on line 8, page 16 with the following 
amended paragraph: 

In block 2-007, the auth e ntication authorization service returns the privilege token to 
the service selection dashboard. In one embodiment, the privilege token is provided in clear 
text and stored at the service selection gateway. Alternatively, the privilege token may be 
encrypted to prevent security attacks such as replay, forgery, etc. 

Please replace the paragraph beginning on line 16, page 17 with the following 
amended paragraph: 

In block 2-01 1, "auto-logon" services are processed. In an embodiment, then service 
selection dashboard creates and stores a list of services that are marked as "Auto Logon." 
This information is available in the response that is sent from the directory-enabled service 
selection system to the service selection dashboard in the preceding step. 

Please replace the paragraph beginning on line 22, page 28 with the following 
amended paragraph: 

Specifically, a "subscriber" interface represents a subscriber. Any entity that can be a 
subscriber implements this interface. Examples include^ user, organizational units, groups, 
etc. 
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Please replace the paragraph beginning on line 11, page 31 with the following 
amended paragraph: 

The invention is related to the use of computer system 700 for modifying a 
subscription of a subscriber to a telecommunication process based on subscriber information 
and service information that are stored in a directory repository communicating n e twork 
quality of s e rvic e policy information to a plurality of policy e nforc e m e nt points. According 
to one embodiment of the invention, modifying a subscription of a subscriber to a 
telecommunication process communicating n e twork quality of s e rvic e policy information to 
a plurality of policy e nforc e m e nt points is provided by computer system 700 in response to 
processor 704 executing one or more sequences of one or more instructions contained in 
main memory 706. Such instructions may be read into main memory 706 from another 
computer-readable medium, such as storage device 710. Execution of the sequences of 
instructions contained in main memory 706 causes processor 704 to perform the process 
steps described herein. One or more processors in a multi-processing arrangement may also 
be employed to execute the sequences of instructions contained in main memory 706. In 
alternative embodiments, hard- wired circuitry may be used in place of or in combination with 
software instructions to implement the invention. Thus, embodiments of the invention are 
not limited to any specific combination of hardware circuitry and software. 



